package cn.jiayen.sercurity.config;


import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;

/**
 * Created by jiayen on 2018/5/9.
 */
public class SercurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        super.configure(auth);
    }

    @Override
    public void configure(WebSecurity web) throws Exception {
        super.configure(web);
    }
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
                //通过formlogin方法登录，并设置登录url为/api/user/login
                .formLogin().loginPage("/api/user/login")
                //指定登录成功后跳转到/index页面
                .defaultSuccessUrl("/index")
                //指定登录失败后跳转到/login?error页面
                .failureUrl("/login?error")
                .permitAll()
                .and()
                //开启cookie储存用户信息，并设置有效期为14天，指定cookie中的密钥
                .rememberMe().tokenValiditySeconds(1209600).key("mykey")
                .and()
                .logout()
                //指定登出的url
                .logoutUrl("/api/user/logout")
                //指定登场成功之后跳转的url
                .logoutSuccessUrl("/index")
                .permitAll();
        super.configure(http);
    }
}
